Explore top 10 tips to secure your open-source projects now. Read More
×An update that fixes two vulnerabilities is now available.. openSUSE Security Update: Security update for mbedtls-2 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2026:0213-1 Rating: important References: #1240051 #1240052 Cross-References: CVE-2025-27809 CVE-2025-27810 Affected Products: openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for mbedtls-2 fixes the following issues: - Update to version 2.28.10 (2.28 LTS line), fixing: * CVE-2025-27809: the TLS client accepted certificates valid for arbitrary hostnames unless the application called mbedtls_ssl_set_hostname() (boo#1240051) * CVE-2025-27810: use of uninitialized stack memory when composing the TLS Finished message could lead to an authentication bypass such as a replay (boo#1240052) - Sync packaging with Factory: enable MBEDTLS_SSL_DTLS_SRTP and MBEDTLS_SSL_PROTO_DTLS and ship the everest headers and pkg-config files in the -devel subpackage Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2026-213=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64): libmbedcrypto7-2.28.10-bp157.2.3.1 libmbedtls14-2.28.10-bp157.2.3.1 libmbedx509-1-2.28.10-bp157.2.3.1 mbedtls-2-devel-2.28.10-bp157.2.3.1 - openSUSE Backports SLE-15-SP7 (aarch64_ilp32): libmbedcrypto7-64bit-2.28.10-bp157.2.3.1 libmbedtls14-64bit-2.28.10-bp157.2.3.1 libmbedx509-1-64bit-2.28.10-bp157.2.3.1 - openSUSE Backports SLE-15-SP7 (x86_64): libmbedcrypto7-32bit-2.28.10-bp157.2.3.1 libmbedtls14-32bit-2.28.10-bp157.2.3.1 libmbedx509-1-32bit-2.28.10-bp157.2.3.1 References: https://www.suse.com/security/cve/CVE-2025-27809.html https://www.suse.com/security/cve/CVE-2025-27810.html https://bugzilla.suse.com/1240051 https://bugzilla.suse.com/1240052 . Update for mbedtls-2 fixes important issues regarding authentication bypass and stack memory concerns.. openSUSE update, mbedtls-2 security, security patch, authentication issues. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for perl-XML-LibXML Announcement ID: SUSE-SU-2026:22081-1 Release Date: 2026-06-05T10:40:12Z Rating: important References: * bsc#1264715 Cross-References: * CVE-2026-8177 CVSS scores: * CVE-2026-8177 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-8177 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for perl-XML-LibXML fixes the following issue * CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences (bsc#1264715). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-893=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-893=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * perl-XML-LibXML-debuginfo-2.0210-160000.3.1 * perl-XML-LibXML-2.0210-160000.3.1 * perl-XML-LibXML-debugsource-2.0210-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * perl-XML-LibXML-debuginfo-2.0210-160000.3.1 * perl-XML-LibXML-2.0210-160000.3.1 * perl-XML-LibXML-debugsource-2.0210-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-8177.html * https://bugzilla.suse.com/show_bug.cgi?id=1264715 . Update issued for perl-XML-LibXML resolves an important security flaw in SUSE Linux impacting memory handling during XML parsing.. SUSE Linux, Security Update, Perl XML, Memory Handling, Important Security Fix. .Severity: Important. LinuxSecurity.com Team
Update to 1.28.0. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-52a9a687f0 2026-04-25 01:21:36.172756+00:00 -------------------------------------------------------------------------------- Name : micropython Product : Fedora 44 Version : 1.28.0 Release : 1.fc44 URL : http://micropython.org/ Summary : Implementation of Python 3 with very low memory footprint Description : Implementation of Python 3 with very low memory footprint -------------------------------------------------------------------------------- Update Information: Update to 1.28.0 -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 6 2026 Lumr Balhar - 1.28.0-1 - Update to 1.28.0 - Security fix for CVE-2026-1998 - Update mbedtls submodule to 3.6.6 - mbedtls security fixes for CVE-2026-25834, CVE-2026-34871, CVE-2026-25833 - CVE-2025-52496, CVE-2025-52497, CVE-2025-49087, CVE-2025-54764, CVE-2025-59438 Resolves: rhbz#2455368, rhbz#2376688, rhbz#2376701, rhbz#2382261, rhbz#2405245, rhbz#2405374, rhbz#2437327, rhbz#2454032, rhbz#2454086, rhbz#2454213 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2376688 - CVE-2025-52496 micropython: Mbed TLS AESNI Race Condition Vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2376688 [ 2 ] Bug #2376701 - CVE-2025-52497 micropython: Mbed TLS PEM Parsing Buffer Underflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2376701 [ 3 ] Bug #2382261 - CVE-2025-49087 micropython: Mbed TLS PKCS#7 Timing Vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2382261 [ 4 ] Bug #2405245 - CVE-2025-54764 micropython: Mbedtls timing attacks in RSA operations [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2405245 [ 5 ] Bug #2405374 - CVE-2025-59438 micropython: MbedTLS Padding oracle through timing of cipher errorreporting [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2405374 [ 6 ] Bug #2437327 - CVE-2026-1998 micropython: micropython runtime.c mp_import_all memory corruption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2437327 [ 7 ] Bug #2454032 - CVE-2026-25833 micropython: buffer underflow in x509_inet_pton_ipv6() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2454032 [ 8 ] Bug #2454086 - CVE-2026-34871 micropython: entropy on Linux can fall back to /dev/urandom [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2454086 [ 9 ] Bug #2454213 - CVE-2026-25834 micropython: Mbed TLS: Algorithm downgrade vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2454213 [ 10 ] Bug #2455368 - micropython-1.28.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2455368 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-52a9a687f0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update for Fedora 44 micropython to 1.28.0 resolves critical security issues related to memory corruption and buffer underflow.. Fedora Update, Memory Security, MicroPython Update, Python Low Memory, Security Issues. . Severity: Critical. LinuxSecurity.com Team
An update that solves two vulnerabilities can now be installed.. # Security update for helm Announcement ID: SUSE-SU-2026:20685-1 Release Date: 2026-03-05T14:24:28Z Rating: moderate References: * bsc#1251442 * bsc#1251649 Cross-References: * CVE-2025-47911 * CVE-2025-58190 CVSS scores: * CVE-2025-47911 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-47911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47911 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-47911 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58190 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58190 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58190 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-58190 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for helm fixes the following issues: * Update to version 3.19.1: * CVE-2025-47911: golang.org/x/net/html: Fixed various algorithms with quadratic complexity when parsing HTML documents (bsc#1251442) * CVE-2025-58190: golang.org/x/net/html: Fixed xcessive memory consumption by `html.ParseFragment` when processing specially crafted input (bsc#1251649) * jsonschema: warn and ignore unresolved URN $ref to match v3.18.4 * Avoid "panic: interface conversion: interface {} is nil" * Fix `helm pull` untar dir check with repo urls * Fix deprecation warning * Add timeout flag to repo add and update flags * Update to version 3.19.0: * bump version to v3.19.0 * fix: use username and password if provided * fix(helm-lint): fmt * fix(helm-lint): Add TLSClientConfig * fix(helm-lint): Add HTTP/HTTPS URL support for json schema references * chore(deps): bump the k8s-iogroup with 7 updates * fix: go mod tidy for v3 * fix Chart.yaml handling * Handle messy index files * json schema fix * fix: k8s version parsing to match original * Do not explicitly set SNI in HTTPGetter * Disabling linter due to unknown issue * Updating link handling * fix: user username password for login * Update pkg/registry/transport.go * fix: add debug logging to oci transport * fix: legacy docker support broken for login * fix: plugin installer test with no Internet * Handle an empty registry config file. * Prevent fetching newReference again as we have in calling method * Prevent failure when resolving version tags in oras memory store * fix(client): skipnode utilization for PreCopy * test: Skip instead of returning early. looks more intentional * test: tests repo stripping functionality * test: include tests for Login based on different protocol prefixes * fix(client): layers now returns manifest - remove duplicate from descriptors * fix(client): return nil on non-allowed media types * Fix 3.18.0 regression: registry login with scheme * Update pkg/plugin/plugin.go * Wait for Helm v4 before raising when platformCommand and Command are set * Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]" * build(deps): bump the k8s-io group with 7 updates * chore: update generalization warning message * fix: move warning to top of block * fix: govulncheck workflow * fix: replace fmt warning with slog * fix: add warning when ignore repo flag * feat: add httproute from gateway-api to create chart template * Update to version 3.18.6: * fix(helm-lint): fmt * fix(helm-lint): Add TLSClientConfig * fix(helm-lint): Add HTTP/HTTPS URL support for json schema references * Update to version 3.18.5: * fix Chart.yaml handling 7799b48 (Matt Farina) * Handle messy index files dd8502f (Matt Farina) * json schema fix cb8595b (Robert Sirchia) * Fix shell completion dependencies * Add BuildRequires to prevent inclusion offolders owned by shells. * Add Requires because installing completions without appropriate shell is questionable. * Fix zsh completion location ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-360=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * helm-3.19.1-160000.1.1 * helm-debuginfo-3.19.1-160000.1.1 * SUSE Linux Micro 6.2 (noarch) * helm-bash-completion-3.19.1-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47911.html * https://www.suse.com/security/cve/CVE-2025-58190.html * https://bugzilla.suse.com/show_bug.cgi?id=1251442 * https://bugzilla.suse.com/show_bug.cgi?id=1251649 . SUSE provides a security update for helm addressing two vulnerabilities with moderate severity, enhancing system safety.. SUSE Helm Security Update, Moderate Severity Update, Memory Consumption Issue, Vulnerability Fixes. . LinuxSecurity.com Team
libmaxminddb 1.13.1 Re-release for Ubuntu PPA, no code changes. libmaxminddb 1.13.0 MMDB_get_entry_data_list() now validates that the claimed array/map size is plausible given the remaining bytes in the data section. A crafted database. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-814a1deec8 2026-02-27 00:52:14.662439+00:00 -------------------------------------------------------------------------------- Name : libmaxminddb Product : Fedora 43 Version : 1.13.1 Release : 1.fc43 URL : https://maxmind.github.io/libmaxminddb/ Summary : C library for reading MaxMind DB files Description : The libmaxminddb library provides a C library for reading MaxMind DB files, including the GeoIP2 databases from MaxMind. This is a custom binary format designed to facilitate fast lookups of IP addresses while allowing for great flexibility in the type of data associated with an address. The MaxMind DB format is an open file format. The specification is available at https://maxmind.github.io/MaxMind-DB/ and licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License. -------------------------------------------------------------------------------- Update Information: libmaxminddb 1.13.1 Re-release for Ubuntu PPA, no code changes. libmaxminddb 1.13.0 MMDB_get_entry_data_list() now validates that the claimed array/map size is plausible given the remaining bytes in the data section. A crafted database could previously claim millions of array elements while only having a few bytes of data, causing disproportionate memory allocation (memory amplification DoS). Fixed integer overflow in MMDB_read_node() and find_ipv4_start_node() pointer arithmetic. The node_number * record_length multiplication was performed in uint32_t, which could overflow for very large databases. Now cast to uint64_t before multiplying, matching the pattern already used in find_address_in_search_tree(). Fixed printf format specifier mismatches in mmdblookup's metadata dump. %i was used for unsigned types and %llu for uint64_t, which is technically undefined behavior. Now uses the portable PRIu32, PRIu16, and PRIu64 macros from . Fixed an integer overflow in the search tree bounds check in find_address_in_search_tree(). The addition of node_count and data_section_size was performed in uint32_t arithmetic, which could wrap on very large databases, causing valid lookups to be incorrectly rejected as corrupt. Fixed a NULL pointer dereference in mmdblookup when displaying metadata for a database with an out-of-range build_epoch. The gmtime() return value is now checked before passing to strftime(). MMDB_close() now NULLs the file_content, data_section, and metadata_section pointers and zeroes file_size, data_section_size, and metadata_section_size after unmapping. Previously, calling MMDB_close() twice on the same struct (or calling it after a failed MMDB_open() that succeeded at mapping) would double-munmap the file content, which is undefined behavior. Fixed a stack buffer overflow in print_indentation() when MMDB_dump_entry_data_list() was called with a negative indent value. The negative integer was cast to size_t, producing a massive value passed to memset(). Negative indent values are now clamped to 0. MMDB_lookup_string() now sets *mmdb_error to MMDB_SUCCESS when getaddrinfo fails (non-zero *gai_error). Previously, *mmdb_error was left uninitialized in this case, which could cause callers to read an indeterminate value. Added a recursion depth limit to skip_map_or_array(), matching the existing MAXIMUM_DATA_STRUCTURE_DEPTH (512) limit already used by get_entry_data_list(). A crafted MMDB file with deeply nested maps or arrays could previously cause a stack overflow via unbounded recursion in the MMDB_aget_value / MMDB_get_value code path. Fixed an off-by-one error in MMDB_read_node() that allowedreading one node past the end of the search tree when called with node_number == node_count. This caused the function to read from the data section separator and return an invalid record with an underflowed data offset. The check now correctly rejects node_number > = node_count. The handling of float and double types was rewritten to fix compiler errors and to eliminate the use of volatile. Improved endian preprocessor check if MMDB_LITTLE_ENDIAN is not set. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 25 2026 Robert Scheck 1.13.1-1 - Upgrade to 1.13.1 (#2442507) * Fri Jan 16 2026 Fedora Release Engineering - 1.12.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2442507 - libmaxminddb-1.13.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2442507 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-814a1deec8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
* bsc#1246152 * bsc#1251442 * bsc#1251649 Cross-References: . # Security update for helm Announcement ID: SUSE-SU-2025:4190-1 Release Date: 2025-11-24T09:21:06Z Rating: important References: * bsc#1246152 * bsc#1251442 * bsc#1251649 Cross-References: * CVE-2025-47911 * CVE-2025-53547 * CVE-2025-58190 CVSS scores: * CVE-2025-47911 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-47911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-53547 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H * CVE-2025-53547 ( SUSE ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H * CVE-2025-53547 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H * CVE-2025-53547 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2025-58190 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-58190 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Containers Module 15-SP6 * Containers Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux EnterpriseServer 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for helm fixes the following issues: * Update to version 3.19.1 * CVE-2025-53547: Fixed local code execution in Helm Chart. (bsc#1246152) * CVE-2025-58190: Fixed excessive memory consumption by `html.ParseFragment` when processing specially crafted input. (bsc#1251649) * CVE-2025-47911: Fixed various algorithms with quadratic complexity when parsing HTML documents. (bsc#1251442) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-4190=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-4190=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-4190=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-4190=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4190=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4190=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4190=1 * SUSE Linux Enterprise High PerformanceComputing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4190=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4190=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4190=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4190=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4190=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4190=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4190=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4190=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4190=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4190=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-4190=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * openSUSE Leap 15.6 (noarch) * helm-fish-completion-3.19.1-150000.1.57.1 * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * helm-bash-completion-3.19.1-150000.1.57.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * ContainersModule 15-SP6 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * Containers Module 15-SP7 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Package Hub 15 15-SP6 (noarch) * helm-fish-completion-3.19.1-150000.1.57.1 * SUSE Package Hub 15 15-SP7 (noarch) * helm-fish-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 *SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 * SUSE Enterprise Storage 7.1(aarch64 x86_64) * helm-debuginfo-3.19.1-150000.1.57.1 * helm-3.19.1-150000.1.57.1 * SUSE Enterprise Storage 7.1 (noarch) * helm-zsh-completion-3.19.1-150000.1.57.1 * helm-bash-completion-3.19.1-150000.1.57.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47911.html * https://www.suse.com/security/cve/CVE-2025-53547.html * https://www.suse.com/security/cve/CVE-2025-58190.html * https://bugzilla.suse.com/show_bug.cgi?id=1246152 * https://bugzilla.suse.com/show_bug.cgi?id=1251442 * https://bugzilla.suse.com/show_bug.cgi?id=1251649 . SUSE security update fixes important memory and code execution issues in Helm software across multiple products.. SUSE Helm Update Security Memory Code Execution. . Severity: Important. LinuxSecurity.com Team
Backport fix for CVE-2025-54874.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-4588dcd9ee 2025-08-13 01:31:18.135856+00:00 -------------------------------------------------------------------------------- Name : openjpeg Product : Fedora 41 Version : 2.5.3 Release : 8.fc41 URL : https://github.com/uclouvain/openjpeg Summary : C-Library for JPEG 2000 Description : The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains * JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1 compliance). * JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple component transforms for multispectral and hyperspectral imagery) -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2025-54874. -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 10 2025 Sandro Mani - 2.5.3-8 - Backport fix for CVE-2025-54874 * Thu Jul 24 2025 Fedora Release Engineering - 2.5.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2386563 - CVE-2025-54874 openjpeg: OpenJPEG OOB heap memory write [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2386563 [ 2 ] Bug #2386568 - CVE-2025-54874 openjpeg: OpenJPEG OOB heap memory write [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2386568 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-4588dcd9ee' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Backport fix for CVE-2025-54874.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-8355fbd790 2025-08-12 00:55:59.003836+00:00 -------------------------------------------------------------------------------- Name : openjpeg Product : Fedora 42 Version : 2.5.3 Release : 8.fc42 URL : https://github.com/uclouvain/openjpeg Summary : C-Library for JPEG 2000 Description : The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains * JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1 compliance). * JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple component transforms for multispectral and hyperspectral imagery) -------------------------------------------------------------------------------- Update Information: Backport fix for CVE-2025-54874. -------------------------------------------------------------------------------- ChangeLog: * Sun Aug 10 2025 Sandro Mani - 2.5.3-8 - Backport fix for CVE-2025-54874 * Thu Jul 24 2025 Fedora Release Engineering - 2.5.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2386563 - CVE-2025-54874 openjpeg: OpenJPEG OOB heap memory write [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2386563 [ 2 ] Bug #2386568 - CVE-2025-54874 openjpeg: OpenJPEG OOB heap memory write [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2386568 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-8355fbd790' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Get the latest Linux and open source security news straight to your inbox.